Privacy Statement

Privacy statement

This privacy statement contains information about us, explains personal data and the processing of personal data and for what purposes we process your personal information. It explains your rights, what we do to ensure your personal data are safe and how long they are stored. This privacy statement applies where personal data about you is processed by us, i.e. when you visit our website (www.jaato.com) or register for a training.

 

Information about us

Stichting Beheer JAA Training Organisation

Beechavenue 1 - 19

1119 RA Schiphol-Rijk

Phone number: +31235679790

Chamber of Commerce number: 41225767

www.jaato.com

training@jaato.com

 

Personal data

Personal data are data that provide information about you that directly or indirectly identify you. I.e. your name, email address, telephone number, social security number, photo, etc.

 

Processing personal data

Processing personal data according to the General Data Protection Regulation (GDPR) is: collection, use, organisation, storage, consultation, adaptation or alteration, retrieval, recording, disclosure by forwarding, dissemination or otherwise making available, combining, blocking, erasure or destruction of your personal data.

 

Purposes

We process your personal data for the following purposes: so that we can contact you, for the implementation of an agreement with you, so that we can inform you of changes to our services or products, so that we can deliver our products or services to you, to send newsletters if you gave permission, for general or targeted offers, for your account on our website, to post reviews. We only process personal data that are necessary for these purposes.

We also process your personal information to fulfil legal obligations, improve our services, investigate complaints and prevent fraud. We will never sell your personal information to third parties. We don't draw up profiles of you and we don't take automated decisions that can have significant consequences for you. In order to take care of your personal data, we conclude a processing agreement with companies if those companies process your data in our assignment.

 

Personal data that we process

In order to carry out the purposes, we process the following personal data:

  • First and last name,
  • Gender,
  • Address,
  • Phone number,
  • E-mail address,
  • Date of birth,
  • Birthplace,
  • Civil service number,
  • IP address,
  • Bank account number,
  • Passport,
  • Company name,
  • Department,
  • Exam results,
  • Followed training,
  • Function,
  • Expertise,
  • Nationality.

 

Photography

Personal  data

Personal data is any information that can be used to identify a living individual directly or indirectly and that relates to them. A photograph is personal data where an image is clearly of an individual or group of individuals, who are the focus of the image.

Giving consent

Please note that filming/photography is taking place at JAA TO’s publicly announced training courses (hereafter: “events”) inside/outside the facility and/or classrooms for promotional and archival purposes. The photographs and recordings made are likely to appear on our website, printed and online publicity, social media, press releases or funding applications.

The sole purpose of the images taken during JAA TO events is to help achieve our aims to grab attention for future events, explain the concept of our event, and inspire others to join (“legitimate interest”). We collect, store and use the minimum amount of data we need for this purpose: the images taken during the event.

In accordance with this privacy statement, by agreeing with the terms and conditions, individuals attending JAA TO events give consent to the organisation (JAA TO) for the use of images where the person subject is included therein, taken by said organisation for production and use as described above. Giving consent, subjects understand and declare that consent is in a person subject’s free will, and not in any form of threat, and agree to waive rights to any claims to whatever the organisation may use of the image.

The images are the property of JAA TO. They will be stored securely, and separately, from other personal data in this privacy statement in accordance with and in compliance with GDPR guidelines.

Withdrawal of consent

Person subjects can withdraw consent at any time. Subjects may exercise the right to withdraw the use of images anytime after the effectivity of this consent. Images will cease to be used thereafter and can, upon request, be permanently deleted within four weeks of withdrawing consent.

If you would prefer not to be photographed, please get in touch with the JAA TO Communications Officer, Karl Schreiber, tel: +31 (0) 23 56 79 721, email: communications@jaato.com

If you have any questions relating to data protection, contact communications@jaato.com

 

Who we share Personal Data with

We may share personal data with third parties only to the extent necessary to perform their functions.

That can be business partners, suppliers, agents and/or sub-contractors for the performance of any agreement we enter into with you. They may assist us in providing the services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, updating and analysing data, providing IT and other support services or in other tasks, from time to time. We may have to disclose or share your personal data in order to comply with any legal obligation.

In the case of transfers of personal data to third parties that are located in a country that is not subject to an adequacy decision by the European Commission, we will only transfer your personal data to third parties provided that there are contractual arrangements with them to ensure that processing of personal data is consistent with the obligations set out in the GDPR.

 

Safety

Personal data are personal and should remain personal. We find it just as important as you that your personal data do not go public or are processed unlawfully. We have policies and procedures that aim to ensure that all our staff, contractors and others that we work with and who process any personal data held by us or on our behalf, are aware of and abide by their duties under the GDPR. We, therefore, implemented appropriate technical and organisational measures to safely handle your personal data.

To secure your personal data we use security software such as a virus scanner and firewall, passwords for electronic systems, a secure internet connection, backups and encryption. All premises and data centres used by us for IT infrastructure are secured by access control systems and only a limited number of staff members and, on occasion, reputable and trusted third party IT suppliers that are subject to appropriate data protection and confidential obligations, have supervised physical or remote access to our IT infrastructure and systems.

 

Storage personal data

We do not store your personal data longer than is strictly necessary for carrying out the purposes. If there are legal requirements applicable to the storage, the personal data are no longer stored as required by law. We will delete personal data that are no longer required in an appropriate and secure manner.

 

You also have rights

Wish to know which personal data we processed? Send an email to training@jaato.com with a request for access to your data. You will receive a response to the request within four weeks.

Are your personal data incorrect, incomplete, irrelevant for the purposes for which they are processed or otherwise in breach of the GDPR or other legislation? Send an email to training@jaato.com with a request for correction of your personal data. Correction also means addition, deletion or even blocking of your personal data. You also have the right to object to the processing of your personal data, the right to have fewer data processed, the right to withdraw permission and you have given and the right to data portability.

Send your request to training@jaato.com. Or contact us by phone: +31235679790. You will receive a response to the request within four weeks. If your request is not satisfactorily handled, you can always submit a complaint to the Dutch Data Protection Authority. 

 

Updates

We review our policies and procedures regularly and we reserve the right to amend the terms of this Privacy Statement from time to time at our absolute discretion. Any amended Privacy Statement will be posted on our website and you are encouraged to visit our website from time to time to ensure that you are aware of our latest policies in relation to the protection of your personal data.